227
JP Morgan staff told they must share biometric data to access headquarters
(www.theguardian.com)
Waiting for a penis scanner.
this post was submitted on 10 Oct 2025
227 points (98.7% liked)
Technology
75758 readers
3412 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Nothing stopping you from registering your penis on a fingerprint scanner as a fingerprint haha. Maybe just the ability to reach where the scanner is.
I have one of those. It's called a wife.
Biometrics aren't passwords they are usernames, passwords necessarily change I'm not changing my fingerprints or iris or bhole or whatever they want to scan. With how easy it is to copy someone's bio markers vs stealing their password this would be a huge security risk if they want to use it for entry to secured facilities.
It's usually used as a second factor. You have your I'd card (something you have) and your bio (something you are). add that with a password (something you know) and you are pretty good
You think it’s easy to steal someone fingerprint or iris in a way that will work on scanners?
How?
Ooooh. I wonder what I can get into if I kidnap the ceo and scoop out an eyeball?! So exciting.
Im hoping for the breath access from aliens. Seemed so stupid that it might work?
Getting nervous about the general public are we?
Sow:reap
Lmao my thoughts exactly. Not just the general public, if enough Republicans get nervous and finally vote to subpoena those files, they might have to be legally taken by force.
Who had "If House Republicans would just fucking vote for accountability, the villain officially breaking the law and protecting pedophiles would be the CEO of a big bank?" on their bingo card. 🙋♀️
Curious why they would want to protect a pedophile protector and those bank files. Unless...?
"Survival of the fittest! It's the natural order of things. Let nature take it's cour... Hey, excuse me! You're not supposed to be here without a biometric scan!"
LoL! This post is STUPID! WHY would Republicans vote AGAINST Pedophiles AND rich People? Those are their ONLY Voting Blocks!
They also have idiots, let's not forget them
I don't think so, these places are ones that have the "yes, actually mossad" threat vector to defend against.
Like the general public already wouldn't get in.
i take this to mean "shit on the fingerprint scanner"
Staff: "But we don't have to if we work remotely, right."
JP Morgan Chase: "No remote work."
I feel like there’s some kind of middle ground between the notoriously insecure HID style building access card and providing biometrics.
I wonder if this has anything to do with a RTO push and people badging in for others. But then VPN usage would show that…
Are you telling me you don't VPN into the office when you arrive to the office?
At one place I worked that was considered our two-factor auth….
Well, I do. But it's because the security layers on the wifi are more strict than on the VPN to such a degree that I can't actually connect to it from my work laptop.
If you can connect to the company vpn from the companies WiFi, they’ve configured their networks wrong.
Some companies do "internet only" wifi where there is no routing to internal services for anyone, radius or not. A VPN is required, even when at work, to access anything internal wirelessly. Its a perfectly reasonable config that lowers the risk of breach of your internal network by exposing less of it over the air.
This is also the nominal config for most zero trust networks, but that's more a consequence of the "always on" nature of those VPN connections since you never have unencryted traffic anywhere, regardless of origin point.
Our servers are in a data center and not in the office building. We work remote most of the time and are only in office for important meetings and other things where it's just easier to work together when sitting on the same table. If you don't work with confidential data like HR or top management where you have physical things nobody else should see, you don't have a personal desk because there are more people working than workplaces.
So the office is just "another place to work". Wifi and LAN are just for internet, you can't access internal services without VPN. Makes it way easier to manage instead of having to different routes to maintain.
Not quite like that. There is an internal wifi that I can't get onto, and a public "guest" wifi that half of the tech staff uses and VPNs from.
Basically the protected wifi only really works on locked-down windows machines, and those aren't usable for most developers. It's mostly mac and linux there, and while the protected wifi is supposed to work on those, the IT staff don't know how.
locked-down windows machines
I've worked in IT since we used Netware with Windows 3.1
While I totally get what's being said, it still makes me chuckle.
Maybe I should, to establish a pattern.
But then I’d have to go to the office. Ew. HR is there.
2FA the access card? Swipe your badge, receive a prompt on your phone "Are you trying to badge in at $BUILDING?", hit allow, be granted access to building.
Another option would be badge + PIN code.
Oh no, those poor innocent investment bankers
Biometric access requires staff to scan their fingerprints or eye to gain access through security gates in the lobby instead of swiping their ID badges.
You could not sign me up fast enough to be able to open my office’s door with my fingerprint or eye.
The systems that handle biometric logins for gigantic companies are usually pretty bulletproof and have been audited many times.
I’m guessing people on here will think this is the second coming of the devil though lol. I can only imagine the outrage if FaceID/TouchID didn’t already exist on phones and Apple/google/etc added it in 2025 🤣
Fire me